PfBlocker whitelist issues
-
If I missed the post on this please direct me toward it. I searched various ways hoping to find something about this.
My issue is that I have about 20 IPs/ranges that are in a custom list (not remotely loaded) that act as a whitelist. I can't seem to get them to always work.
Some days the whitelist works and others it just stops functioning. If I go in and edit anything (move a line around or add a space) and save the list again, it starts working. It will work anywhere from a few hours to days at a time.
I've just started using pfBlocker a week ago so I'm newer than noob at this. Any suggestions on what I should try, change, or give up on?
-
Do you have any alerts in the system logs?
Did you try including it in an alias instead of using pfBlocker?
-
No errors or alerts on the logs. Just synch and updates when changes are made to the whitelist.
So create an alias, create a rule for the alias to allow items to pass through. Good link for instructions? I've been using it for almost a week so I'm a bit fresh. Not even found any good reference materials yet.
-
Apply a rule just like you see pfBlocker creating.
To create an alias, go to Firewall -> Aliases.
To import a big list, use the bulk import button (arrow up).
-
I spent the last 9 days on vacation. Giving this a go. Added pfblockerWhitelist to the firewall rules. So far so good.
-
OK. Rule set up using alias pfBlockerWhitelist. EDIT (guess there is no "." in it)
It worked until this morning. Again being blocked on Organi.sr. Using it as a test now since I use it every day.
We're also using pfBlocker on another server at our other office without issue. So it might be a configuration issue.
Any ideas on what to look for when checking settings (or at least a good place to start)?
-
I had a slightly different problem, but it also involved a problem with an alias. To work around it, I went to Diagnostics/Tables, then selected the table in question (it was the same as the alias name) and deleted all entries in the table via the "all" link at the very bottom.
After that, reload the filter via Status/Filter Reload.
I am leaning towards the possibility that there's some strange issue with managing Aliases. But I am like yourself a noob too, so don't count on me.
-
So adding it as an external file that is loaded every hour seems to be working. I'd like to figure out what exactly is going on and report that when I get to it, but we operate on the edge of failure at all times. Keeps me on my toes and doesn't allow for much time to work on issues that are quasi-functional.
Hopefully one day I will embark on this quest to fix it once and for all.
-
I did not get quite the rest I would have liked. Now even having it update from a Dropbox link, I am having to constantly refresh the link to the file to get it to work.
ARGH…. OK. Alias setup, set as first rule in firewall, list auto updates every hour from an external linked file. What could I be missing?
From what I've seen the setup is the same as the settings on the other firewall in our other office, which is not having any issues.
What else can I look at to track down this issue?
EDIT: I did notice a warning on the server this morning. Filter Reloaded - Some unresolvable aliases (or something like that).